HIGHCVE-2026-5483Published Modified CNA redhat
CVE-2026-5483: Odh-dashboard: odh dashboard kubernetes service account exposure
A flaw was found in odh-dashboard in Red Hat Openshift AI. This vulnerability in the `odh-dashboard` component of Red Hat OpenShift AI (RHOAI) allows for the disclosure of Kubernetes Service Account tokens through a NodeJS endpoint. This could enable an attacker to gain unauthorized access to Kubernetes resources.
Metrics
- CVSS v3.1
- 8.5
- Severity
- HIGH
- Fixed in
- 1775230902
- Affected Products
- 7
Fix available
1775230902177523471117752399581775523049
Affected packages
- Red Hat / Red Hat OpenShift AI 2.16Fixed in 1775230902
- Red Hat / Red Hat OpenShift AI 2.25Fixed in 1775234711
- Red Hat / Red Hat OpenShift AI 3.2Fixed in 1775523049
- Red Hat / Red Hat OpenShift AI 3.3Fixed in 1775239958
- Red Hat / Red Hat OpenShift AI (RHOAI)
- Red Hat / Red Hat OpenShift AI (RHOAI)
- Red Hat / Red Hat OpenShift AI (RHOAI)
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H